<div dir="ltr"><div><br></div><div># vars.xml</div><div>  <X-PRE-PROCESS cmd="set" data="sip_tls_version=tlsv1.2"/><br>  <X-PRE-PROCESS cmd="set" data="sip_tls_ciphers=ALL:!ADH:!LOW:!EXP:!RC4:!3DES:!MD5:@STRENGTH"/><br></div><div><br></div># internal.xml<div><br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>    <param name="wss-binding" value=":443"/><br>    <param name="tls-version" value="$${sip_tls_version}"/><br>    <param name="tls-ciphers" value="$${sip_tls_ciphers}"/></div><div><br></div><div>However when I check out my server with <a href="https://www.ssllabs.com/ssltest/analyze.html">https://www.ssllabs.com/ssltest/analyze.html</a> it shows TLS1.1 along with TLS1.2. </div><div><br></div><div>Any way to JUST have the server answer TLS1.2? Also is it possible to set the order of cipher suites and get rid of:</div><div><br></div><div><table class="gmail-reportTable" style="border-collapse:collapse;width:850px;margin:0px 10px 0px 0px;padding:0px;font-size:12px;line-height:20px;background-color:rgb(253,253,253)"><thead><tr><td id="gmail-suitesHeading" class="gmail-tableHead" colspan="3" style="color:rgb(0,157,223);font-weight:bold;padding-bottom:5px;vertical-align:middle;border-bottom:2px solid rgb(198,210,212);font-size:13px">Cipher Suites</td></tr></thead><tbody id="gmail-suitesBody"><tr class="gmail-tableSeparator"><td class="gmail-tableSubHead" colspan="3" style="color:rgb(0,157,223);font-weight:bold;padding-bottom:5px;vertical-align:middle;padding-top:15px;border-bottom:1px solid rgb(198,210,212)"><span class="gmail-hideIcon" id="gmail-hidecipher1" style="text-align:center;display:block;width:14px;height:14px;float:right"><img src="https://www.ssllabs.com/images/collapse.png" width="14" height="14" style="border: none;"></span><div class="gmail-reportSubHeading" style="float:left;width:825px"># TLS 1.2 (server has no preference)</div></td></tr></tbody><tbody class="gmail-cipher1Block"><tr class="gmail-tableRow"><td class="gmail-tableLeft" style="padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">TLS_RSA_WITH_AES_128_CBC_SHA (<code>0x2f</code>)   <b>WEAK</b></font></td><td class="gmail-tableRight" style="width:50px;text-align:right;padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">128</font></td></tr><tr class="gmail-tableRow"><td class="gmail-tableLeft" style="padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (<code>0x41</code>)   <b>WEAK</b></font></td><td class="gmail-tableRight" style="width:50px;text-align:right;padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">128</font></td></tr><tr class="gmail-tableRow"><td class="gmail-tableLeft" style="padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">TLS_RSA_WITH_AES_128_CBC_SHA256 (<code>0x3c</code>)   <b>WEAK</b></font></td><td class="gmail-tableRight" style="width:50px;text-align:right;padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">128</font></td></tr><tr class="gmail-tableRow"><td class="gmail-tableLeft" style="padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">TLS_RSA_WITH_AES_128_GCM_SHA256 (<code>0x9c</code>)   <b>WEAK</b></font></td><td class="gmail-tableRight" style="width:50px;text-align:right;padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">128</font></td></tr><tr class="gmail-tableRow"><td class="gmail-tableLeft" style="padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">TLS_RSA_WITH_AES_256_CBC_SHA (<code>0x35</code>)   <b>WEAK</b></font></td><td class="gmail-tableRight" style="width:50px;text-align:right;padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">256</font></td></tr><tr class="gmail-tableRow"><td class="gmail-tableLeft" style="padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (<code>0x84</code>)   <b>WEAK</b></font></td><td class="gmail-tableRight" style="width:50px;text-align:right;padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">256</font></td></tr><tr class="gmail-tableRow"><td class="gmail-tableLeft" style="padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">TLS_RSA_WITH_AES_256_CBC_SHA256 (<code>0x3d</code>)   <b>WEAK</b></font></td><td class="gmail-tableRight" style="width:50px;text-align:right;padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">256</font></td></tr><tr class="gmail-tableRow"><td class="gmail-tableLeft" style="padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">TLS_RSA_WITH_AES_256_GCM_SHA384 (<code>0x9d</code>)   <b>WEAK</b></font></td><td class="gmail-tableRight" style="width:50px;text-align:right;padding:3px 0px;border-bottom:1px solid rgb(240,240,240);vertical-align:middle"><font color="#F88017">256</font></td></tr></tbody></table></div><div><br></div><div><br></div><div>><><br>nathan stratton</div></div></div></div></div></div>